Skip to content

Commit 701081b

Browse files
mergify[bot]pkoutsovasilis
mergify[bot]
and
pkoutsovasilis
authored
fix: package fleet-server using golang-crossbuild (#5392) (#5430)
* fix: package fleet-server using golang-crossbuild and introduce packaging steps on every PR * feat: save artifacts during packaging for DRA * fix: disable CGO and buildmode pie * doc: add changelog fragment (cherry picked from commit 7da3f69) Co-authored-by: Panos Koutsovasilis <[email protected]>
1 parent ddd78c4 commit 701081b

File tree

6 files changed

+94
-29
lines changed

6 files changed

+94
-29
lines changed

.buildkite/pipeline.package.mbp.yml

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -27,6 +27,8 @@ steps:
2727
provider: "gcp"
2828
image: "${IMAGE_UBUNTU_X86_64}"
2929
machineType: "c2-standard-16"
30+
artifact_paths:
31+
- build/distributions/**
3032
plugins:
3133
- *oidc_plugin
3234

@@ -39,6 +41,8 @@ steps:
3941
provider: "gcp"
4042
image: "${IMAGE_UBUNTU_X86_64}"
4143
machineType: "c2-standard-16"
44+
artifact_paths:
45+
- build/distributions/**
4246
plugins:
4347
- *oidc_plugin
4448

@@ -52,6 +56,8 @@ steps:
5256
provider: "gcp"
5357
image: "${IMAGE_UBUNTU_X86_64}"
5458
machineType: "c2-standard-16"
59+
artifact_paths:
60+
- build/distributions/**
5561
plugins:
5662
- *oidc_plugin
5763

@@ -66,6 +72,8 @@ steps:
6672
provider: "gcp"
6773
image: "${IMAGE_UBUNTU_X86_64}"
6874
machineType: "c2-standard-16"
75+
artifact_paths:
76+
- build/distributions/**
6977
plugins:
7078
- *oidc_plugin
7179

@@ -77,6 +85,8 @@ steps:
7785
provider: "aws"
7886
imagePrefix: "${IMAGE_UBUNTU_ARM_64}"
7987
instanceType: "t4g.2xlarge"
88+
artifact_paths:
89+
- build/distributions/**
8090
plugins:
8191
- *oidc_plugin
8292

@@ -89,6 +99,8 @@ steps:
8999
provider: "aws"
90100
imagePrefix: "${IMAGE_UBUNTU_ARM_64}"
91101
instanceType: "t4g.2xlarge"
102+
artifact_paths:
103+
- build/distributions/**
92104
plugins:
93105
- *oidc_plugin
94106

@@ -102,6 +114,8 @@ steps:
102114
provider: "aws"
103115
imagePrefix: "${IMAGE_UBUNTU_ARM_64}"
104116
instanceType: "t4g.2xlarge"
117+
artifact_paths:
118+
- build/distributions/**
105119
plugins:
106120
- *oidc_plugin
107121

@@ -116,6 +130,8 @@ steps:
116130
provider: "aws"
117131
imagePrefix: "${IMAGE_UBUNTU_ARM_64}"
118132
instanceType: "t4g.2xlarge"
133+
artifact_paths:
134+
- build/distributions/**
119135
plugins:
120136
- *oidc_plugin
121137

.buildkite/pipeline.yml

Lines changed: 62 additions & 24 deletions
Original file line numberDiff line numberDiff line change
@@ -3,6 +3,8 @@
33
env:
44
DOCKER_COMPOSE_VERSION: "1.25.5"
55
TERRAFORM_VERSION: "1.6.4"
6+
IMAGE_UBUNTU_X86_64: "family/core-ubuntu-2204"
7+
IMAGE_UBUNTU_ARM_64: "core-ubuntu-2204-aarch64"
68
IMAGE_UBUNTU_X86_64_FIPS: "platform-ingest-fleet-server-ubuntu-2204-fips"
79

810
# This section is used to define the plugins that will be used in the pipeline.
@@ -22,6 +24,13 @@ common:
2224
- docker_elastic_login_plugin: &docker_elastic_login_plugin
2325
elastic/vault-docker-login#v0.6.0:
2426
secret_path: 'kv/ci-shared/platform-ingest/elastic_docker_registry'
27+
# See https://github.com/elastic/oblt-infra/blob/main/conf/resources/repos/fleet-server/01-gcp-buildkite-oidc.tf
28+
# This plugin authenticates to Google Cloud using the OIDC token.
29+
- oidc_plugin: &oidc_plugin
30+
elastic/oblt-google-auth#v1.2.0:
31+
lifetime: 10800 # seconds
32+
project-id: "elastic-observability-ci"
33+
project-number: "911195782929"
2534

2635
steps:
2736
- group: "Check and build"
@@ -33,18 +42,63 @@ steps:
3342
agents:
3443
provider: "gcp"
3544

36-
- label: ":building_construction: Run local build"
37-
key: make-local
38-
command: ".buildkite/scripts/local_build.sh"
45+
- label: "Package x86_64"
46+
key: "package-x86-64-pr"
47+
env:
48+
PLATFORMS: "linux/amd64,darwin/amd64,windows/amd64"
49+
command: ".buildkite/scripts/release_test.sh"
50+
artifact_paths:
51+
- build/distributions/**
3952
agents:
4053
provider: "gcp"
54+
image: "${IMAGE_UBUNTU_X86_64}"
55+
machineType: "c2-standard-16"
56+
plugins:
57+
- *oidc_plugin
4158

42-
- label: ":building_construction: Run local build: MacOS"
43-
key: make-local-macos
44-
command: ".buildkite/scripts/local_build.sh"
59+
- label: "Package x86_64 FIPS"
60+
key: "package-fips-x86-64-pr"
61+
env:
62+
FIPS: "true"
63+
PLATFORMS: "linux/amd64"
64+
command: ".buildkite/scripts/release_test.sh"
65+
artifact_paths:
66+
- build/distributions/**
4567
agents:
46-
provider: orka
47-
imagePrefix: generic-13-ventura-arm
68+
provider: "gcp"
69+
image: "${IMAGE_UBUNTU_X86_64}"
70+
machineType: "c2-standard-16"
71+
plugins:
72+
- *oidc_plugin
73+
74+
- label: "Package aarch64"
75+
key: "package-arm64-pr"
76+
env:
77+
PLATFORMS: "linux/arm64,darwin/arm64"
78+
command: ".buildkite/scripts/release_test.sh"
79+
artifact_paths:
80+
- build/distributions/**
81+
agents:
82+
provider: "aws"
83+
imagePrefix: "${IMAGE_UBUNTU_ARM_64}"
84+
instanceType: "t4g.2xlarge"
85+
plugins:
86+
- *oidc_plugin
87+
88+
- label: "Package aarch64 FIPS"
89+
key: "package-fips-arm64-pr"
90+
env:
91+
FIPS: "true"
92+
PLATFORMS: "linux/arm64"
93+
command: ".buildkite/scripts/release_test.sh"
94+
artifact_paths:
95+
- build/distributions/**
96+
agents:
97+
provider: "aws"
98+
imagePrefix: "${IMAGE_UBUNTU_ARM_64}"
99+
instanceType: "t4g.2xlarge"
100+
plugins:
101+
- *oidc_plugin
48102

49103
- group: "Performance test"
50104
key: "performance-test"
@@ -288,22 +342,6 @@ steps:
288342
depends_on:
289343
- step: "publish"
290344

291-
- label: ":gcloud: Release test"
292-
key: "release-test"
293-
command: ".buildkite/scripts/release_test.sh"
294-
agents:
295-
provider: "gcp"
296-
depends_on:
297-
- step: "tests"
298-
allow_failure: false
299-
plugins:
300-
# See https://github.com/elastic/oblt-infra/blob/main/conf/resources/repos/fleet-server/01-gcp-buildkite-oidc.tf
301-
# This plugin authenticates to Google Cloud using the OIDC token.
302-
- elastic/oblt-google-auth#v1.2.0:
303-
lifetime: 10800 # seconds
304-
project-id: "elastic-observability-ci"
305-
project-number: "911195782929"
306-
307345
- label: ":jenkins: Release - Package Registry Distribution"
308346
key: "release-package-registry"
309347
trigger: "package-registry-release-package-registry-distribution"

.buildkite/scripts/package.sh

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -35,10 +35,10 @@ with_mage
3535
case "${TYPE}" in
3636
"snapshot")
3737
export SNAPSHOT=true
38-
mage build:release
38+
mage docker:release
3939
;;
4040
"staging")
41-
mage build:release
41+
mage docker:release
4242
;;
4343
*)
4444
echo "The option is unsupported yet"

Dockerfile.fips

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -29,7 +29,7 @@ ARG SUFFIX
2929
FROM docker.elastic.co/beats-dev/golang-crossbuild:${GO_VERSION}-${SUFFIX} AS builder
3030

3131
WORKDIR /fleet-server
32-
32+
ENV PATH="$PATH:/go/bin"
3333
COPY go.mod go.sum ./
3434
RUN go mod download && go mod verify
3535
RUN go install github.com/magefile/mage # uses version in go.mod

changelog/fragments/1756940128-fix-binary-compilation.yaml

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,5 @@
1+
kind: bug-fix
2+
summary: Build fleet-server as fully static binary to restore OS matrix compatibility
3+
component: fleet-server
4+
pr: https://github.com/elastic/fleet-server/pull/5392
5+
issue: https://github.com/elastic/fleet-server/issues/5262

magefile.go

Lines changed: 8 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -90,7 +90,6 @@ const (
9090

9191
// const and vars used by magefile.
9292
const (
93-
buildMode = "pie"
9493
binaryName = "fleet-server"
9594
binaryExe = "fleet-server.exe"
9695

@@ -671,6 +670,7 @@ func (Check) All() {
671670
// FIPS creates a FIPS capable binary.
672671
func (Build) Local() error {
673672
env := environMap()
673+
env["CGO_ENABLED"] = "0"
674674
if isFIPS() {
675675
addFIPSEnvVars(env)
676676
}
@@ -704,6 +704,7 @@ func goBuild(osArg, archArg string, cover bool) error {
704704
env := environMap()
705705
env["GOOS"] = osArg
706706
env["GOARCH"] = archArg
707+
env["CGO_ENABLED"] = "0"
707708
distArr := []string{"fleet-server"}
708709
if isFIPS() {
709710
addFIPSEnvVars(env)
@@ -729,7 +730,6 @@ func goBuild(osArg, archArg string, cover bool) error {
729730
"-tags=" + getTagsString(),
730731
"-gcflags=" + getGCFlags(),
731732
"-ldflags=" + getLDFlags(),
732-
"-buildmode=" + buildMode,
733733
"-o", outFile,
734734
}
735735
if cover {
@@ -1007,9 +1007,14 @@ func (Docker) Image() error {
10071007
} else if isDEV() {
10081008
version += "-dev"
10091009
}
1010+
suffix := dockerSuffix
1011+
if runtime.GOARCH == "arm64" {
1012+
suffix = dockerArmSuffix
1013+
}
10101014
if isFIPS() {
10111015
dockerFile = dockerBuilderFIPS
10121016
image += "-fips"
1017+
suffix += "-fips"
10131018
}
10141019
if v, ok := os.LookupEnv(envDockerImage); ok && v != "" {
10151020
image = v
@@ -1023,6 +1028,7 @@ func (Docker) Image() error {
10231028
"--build-arg", "VERSION="+getVersion(),
10241029
"--build-arg", "GCFLAGS="+getGCFlags(),
10251030
"--build-arg", "LDFLAGS="+getLDFlags(),
1031+
"--build-arg", "SUFFIX="+suffix,
10261032
"-f", dockerFile,
10271033
"-t", image+":"+version,
10281034
".",

0 commit comments

Comments
 (0)